added open_basedir protection against symlink

2 files changed, 46 insertions, 0 deletions

diff --git a/tests/executor/allow_symlink_off.phpt b/tests/executor/allow_symlink_off.phpt
new file mode 100644
index 0000000..8abdee8
--- /dev/null
+++ b/tests/executor/allow_symlink_off.phpt
@@ -0,0 +1,24 @@
+--TEST--
+suhosin.executor.allow_symlink=Off
+--SKIPIF--
+<?php if (!function_exists("memory_get_usage")) print "skip PHP not compiled with memory_limit support"; ?>
+--INI--
+error_reporting=E_ALL
+open_basedir=
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.script=0
+suhosin.log.file=255
+suhosin.log.file.time=0
+suhosin.log.file.name={PWD}/suhosintest.$$.log.tmp
+auto_append_file={PWD}/suhosintest.$$.log.tmp
+suhosin.executor.allow_symlink=Off
+--FILE--
+<?php
+symlink();
+ini_set("open_basedir", ".");
+symlink();
+?>
+--EXPECTF--
+Warning: symlink() expects exactly 2 parameters, 0 given in %s on line 2
+ALERT - symlink called during open_basedir (attacker 'REMOTE_ADDR not set', file '%s', line 4)
diff --git a/tests/executor/allow_symlink_on.phpt b/tests/executor/allow_symlink_on.phpt
new file mode 100644
index 0000000..dbf902c
--- /dev/null
+++ b/tests/executor/allow_symlink_on.phpt
@@ -0,0 +1,22 @@
+--TEST--
+suhosin.executor.allow_symlink=On
+--SKIPIF--
+<?php if (!function_exists("memory_get_usage")) print "skip PHP not compiled with memory_limit support"; ?>
+--INI--
+error_reporting=E_ALL
+open_basedir=
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.executor.allow_symlink=On
+--FILE--
+<?php
+symlink();
+ini_set("open_basedir", ".");
+symlink();
+?>
+--EXPECTF--
+Warning: symlink() expects exactly 2 parameters, 0 given in %s on line 2
+
+Warning: symlink() expects exactly 2 parameters, 0 given in %s on line 4